DevopsServer.md

Check ssl option available

>$ openssl  s_client -connect devsecops.acme:80
>$ openssl ciphers -v 'TLSv1.2' | head -4

See if running, uptime, view latest logs

>$ systemctl status

See all systemd logs

>$ journalctl

Tail logs

>$ journalctl -f

Show logs for specific service

>$ journalctl -u AgenSmith.service

Register new service

>$ touch /etc/systemd/system/AgenSmith.service
>$ chmod 664 /etc/systemd/system/AgenSmith.service
>$ sudo systemctl daemon-reload
>$ sudo systemctl enable AgenSmith.service 
>$ sudo systemctl start AgenSmith.service
>$ sudo systemctl status AgenSmith.service
>$ journalctl -xe
>$ journalctl -u AgenSmith.service

Disable service

>$ sudo systemctl disable AgenSmith.service

Delete a service

>$ sudo systemctl stop AgenSmith.service
>$ sudo systemctl disable AgenSmith.service
>$ sudo systemctl daemon-reload
>$ [sudo systemctl reset-failed]

Self signed CA authority

>$ sudo openssl req -x509 -nodes -days 730 -subj '/serialNumber=0100000
    /subjectAltName=devsecops.acme
    /[email protected]
    /DC=acme
    /C=FR
    /ST=Yvelines
    /L=Versailles
    /O=Acme systems, Inc.
    /OU=Levitics Application Lifecycle Management Suite
    /CN=www.devsecops.acme' 
    -newkey rsa:4096 
    -keyout /etc/nginx/ssl/www.devsecops.acme.key 
    -out /etc/nginx/ssl/www.devsecops.acme.crt
>$ openssl dhparam -check -out /etc/nginx/ssl/dhparams.www.devsecops.acme.pem 4096
>$ sudo service nginx restart

$> openssl req -x509 -nodes -days 365 -sha256 -subj '/C=FR
    /ST=Yvelines
    /L=Versailles
    /CN=www.devsecops.acme' 
    -newkey rsa:2048 -keyout devops.pem -out devops.pem